bosun 0.29.2 → 0.29.4

package/.env.example

@@ -482,7 +482,7 @@ TELEGRAM_MINIAPP_ENABLED=false
 # CODEX_FEATURES_CHILD_AGENTS_MD=true     # Sub-agent discovery via CODEX.md (KEY for sub-agents)
 # CODEX_FEATURES_MEMORY_TOOL=true         # Persistent memory across sessions
 # CODEX_FEATURES_UNDO=true                # Undo/rollback support
-# CODEX_FEATURES_COLLAB=true              # Collaboration mode
+# CODEX_FEATURES_MULTI_AGENT=true         # Multi Agent mode
 # CODEX_FEATURES_COLLABORATION_MODES=true # Mode selection for collaboration
 # CODEX_FEATURES_STEER=true               # Steering/guidance
 # CODEX_FEATURES_APPS=true                # ChatGPT Apps integration

package/agent-pool.mjs

@@ -307,8 +307,26 @@ const SDK_ADAPTERS = {
   },
 };
 
-/** Ordered fallback chain for SDK resolution */
-const SDK_FALLBACK_ORDER = ["codex", "copilot", "claude"];
+/**
+ * Ordered fallback chain for SDK resolution.
+ * Configurable via bosun.config.json → agentPool.fallbackOrder
+ */
+let SDK_FALLBACK_ORDER = ["codex", "copilot", "claude"];
+
+// Attempt to load custom fallback order from config
+try {
+  const cfg = loadConfig();
+  const customOrder = cfg?.agentPool?.fallbackOrder;
+  if (Array.isArray(customOrder) && customOrder.length > 0) {
+    // Validate: only accept known SDK names
+    const valid = customOrder
+      .map((s) => String(s).trim().toLowerCase())
+      .filter((s) => SDK_ADAPTERS[s]);
+    if (valid.length > 0) SDK_FALLBACK_ORDER = valid;
+  }
+} catch {
+  // loadConfig not available or no custom order — use default
+}
 
 // ---------------------------------------------------------------------------
 // SDK Resolution & Cache
@@ -570,7 +588,7 @@ async function launchCodexThread(prompt, cwd, timeoutMs, extra = {}) {
     ...(codexOpts.config || {}),
     features: {
       child_agents_md: true,
-      collab: true,
+      multi_agent: true,
       memory_tool: true,
       undo: true,
       steer: true,

package/agent-sdk.mjs

@@ -21,12 +21,12 @@ const DEFAULT_CAPABILITIES_BY_PRIMARY = {
   },
   copilot: {
     steering: false,
-    subagents: false,
+    subagents: true,
     vscodeTools: true,
   },
   claude: {
     steering: false,
-    subagents: false,
+    subagents: true,
     vscodeTools: false,
   },
 };

package/cli.mjs

@@ -118,6 +118,7 @@ function showHelp() {
     --workspace-add <name>      Create a new workspace
     --workspace-switch <id>     Switch active workspace
     --workspace-add-repo        Add repo to workspace (interactive)
+    --workspace-health          Run workspace health diagnostics
 
   TASK MANAGEMENT
     task list [--status s] [--json]  List tasks with optional filters
@@ -914,6 +915,17 @@ async function main() {
     process.exit(0);
   }
 
+  // Handle --workspace-health / --verify-workspace
+  if (args.includes("--workspace-health") || args.includes("--verify-workspace") || args.includes("workspace-health")) {
+    const { runWorkspaceHealthCheck, formatWorkspaceHealthReport } =
+      await import("./config-doctor.mjs");
+    const configDirArg = getArgValue("--config-dir");
+    const configDir = configDirArg || process.env.BOSUN_DIR || resolve(os.homedir(), "bosun");
+    const result = runWorkspaceHealthCheck({ configDir });
+    console.log(formatWorkspaceHealthReport(result));
+    process.exit(result.ok ? 0 : 1);
+  }
+
   // Handle --setup
   if (args.includes("--setup") || args.includes("setup")) {
     const configDirArg = getArgValue("--config-dir");

package/codex-config.mjs

@@ -9,12 +9,22 @@
  *   5. Sandbox permissions and shell environment policy
  *   6. Common MCP servers (context7, microsoft-docs)
  *
+ * SCOPE: This manages the GLOBAL ~/.codex/config.toml which contains:
+ *   - Model provider configs (API keys, base URLs) — MUST be global
+ *   - Stream timeouts & retry settings — per-provider, global
+ *   - Sandbox workspace-write (writable_roots) — spans multiple repos, global
+ *   - Feature flags, MCP servers, agent_sdk — kept as FALLBACK defaults
+ *     (prefer repo-level .codex/config.toml via repo-config.mjs)
+ *
+ * For project-scoped settings, see repo-config.mjs which generates
+ * .codex/config.toml at the repo level.
+ *
  * Uses string-based TOML manipulation (no parser dependency) — we only
  * append or patch well-known sections rather than rewriting the whole file.
  */
 
-import { existsSync, readFileSync, writeFileSync, mkdirSync } from "node:fs";
-import { resolve, dirname } from "node:path";
+import { existsSync, readFileSync, writeFileSync, mkdirSync, statSync } from "node:fs";
+import { resolve, dirname, parse } from "node:path";
 import { homedir } from "node:os";
 import { fileURLToPath } from "node:url";
 import { resolveCodexProfileRuntime } from "./codex-model-profiles.mjs";
@@ -55,25 +65,38 @@ const AGENT_SDK_CAPS_HEADER = "[agent_sdk.capabilities]";
 const AGENTS_HEADER = "[agents]";
 const DEFAULT_AGENT_MAX_THREADS = 12;
 
-const DEFAULT_AGENT_SDK_BLOCK = [
-  "",
-  "# ── Agent SDK selection (added by bosun) ──",
-  AGENT_SDK_HEADER,
-  "# Primary agent SDK used for in-process automation.",
-  '# Supported: "codex", "copilot", "claude"',
-  'primary = "codex"',
-  "# Max concurrent agent threads per Codex session.",
-  `max_threads = ${DEFAULT_AGENT_MAX_THREADS}`,
-  "",
-  AGENT_SDK_CAPS_HEADER,
-  "# Live steering updates during an active run.",
-  "steering = true",
-  "# Ability to spawn subagents/child tasks.",
-  "subagents = true",
-  "# Access to VS Code tools (Copilot extension).",
-  "vscode_tools = false",
-  "",
-].join("\n");
+/**
+ * Build the default [agent_sdk] TOML block.
+ * @param {string} [primary="codex"]  The primary SDK: "codex", "copilot", or "claude"
+ * @returns {string}
+ */
+function buildDefaultAgentSdkBlock(primary = "codex") {
+  const caps = {
+    codex:   { steering: true,  subagents: true,  vscodeTools: false },
+    copilot: { steering: false, subagents: true,  vscodeTools: true  },
+    claude:  { steering: false, subagents: true,  vscodeTools: false },
+  };
+  const c = caps[primary] || caps.codex;
+  return [
+    "",
+    "# ── Agent SDK selection (added by bosun) ──",
+    AGENT_SDK_HEADER,
+    "# Primary agent SDK used for in-process automation.",
+    '# Supported: "codex", "copilot", "claude"',
+    `primary = "${primary}"`,
+    "# Max concurrent agent threads per Codex session.",
+    `max_threads = ${DEFAULT_AGENT_MAX_THREADS}`,
+    "",
+    AGENT_SDK_CAPS_HEADER,
+    "# Live steering updates during an active run.",
+    `steering = ${c.steering}`,
+    "# Ability to spawn subagents/child tasks.",
+    `subagents = ${c.subagents}`,
+    "# Access to VS Code tools (Copilot extension).",
+    `vscode_tools = ${c.vscodeTools}`,
+    "",
+  ].join("\n");
+}
 
 /**
  * @deprecated No longer used — max_threads is now managed under [agent_sdk].
@@ -100,7 +123,7 @@ const buildAgentsBlock = (_maxThreads) =>
 const RECOMMENDED_FEATURES = {
   // Sub-agents & collaboration
   child_agents_md:        { default: true, envVar: "CODEX_FEATURES_CHILD_AGENTS_MD",   comment: "Enable sub-agent discovery via CODEX.md" },
-  collab:                 { default: true, envVar: "CODEX_FEATURES_COLLAB",             comment: "Enable collaboration mode" },
+  multi_agent:                 { default: true, envVar: "CODEX_FEATURES_MULTI_AGENT",             comment: "Enable collaboration mode" },
   collaboration_modes:    { default: true, envVar: "CODEX_FEATURES_COLLABORATION_MODES", comment: "Enable collaboration mode selection" },
 
   // Continuity & recovery
@@ -128,7 +151,7 @@ const RECOMMENDED_FEATURES = {
 const CRITICAL_ALWAYS_ON_FEATURES = new Set([
   "child_agents_md",
   "memory_tool",
-  "collab",
+  "multi_agent",
   "collaboration_modes",
   "shell_tool",
   "unified_exec",
@@ -411,11 +434,25 @@ function formatTomlArray(values) {
   return `[${values.map((value) => `"${String(value).replace(/"/g, '\\"')}"`).join(", ")}]`;
 }
 
-function normalizeWritableRoots(input, { repoRoot, additionalRoots } = {}) {
+function normalizeWritableRoots(input, { repoRoot, additionalRoots, validateExistence = false } = {}) {
   const roots = new Set();
   const addRoot = (value) => {
     const trimmed = String(value || "").trim();
     if (!trimmed) return;
+    // Reject bare relative paths like ".git" — they resolve relative to CWD
+    // at Codex launch time and cause "writable root does not exist" errors
+    // (e.g. /home/user/.codex/.git). Only accept absolute paths.
+    if (!trimmed.startsWith("/")) return;
+    // When validateExistence is true, skip paths that don't exist on disk.
+    // This prevents the sandbox from failing to start with phantom roots.
+    if (validateExistence && !existsSync(trimmed)) return;
+    roots.add(trimmed);
+  };
+  // Always-add: these are primary roots (repo root, parent) that should be
+  // present even if validateExistence is true — they're the intended CWD.
+  const addPrimaryRoot = (value) => {
+    const trimmed = String(value || "").trim();
+    if (!trimmed || !trimmed.startsWith("/")) return;
     roots.add(trimmed);
   };
   if (Array.isArray(input)) {
@@ -428,17 +465,23 @@ function normalizeWritableRoots(input, { repoRoot, additionalRoots } = {}) {
       .forEach(addRoot);
   }
 
-  // Add paths for primary repo root
+  // Add paths for a repo root — only if it's a non-empty absolute path
   const addRepoRootPaths = (repo) => {
     if (!repo) return;
-    const r = String(repo);
-    if (!r) return;
-    addRoot(r);
-    addRoot(resolve(r, ".git"));
-    addRoot(resolve(r, ".cache", "worktrees"));
-    addRoot(resolve(r, ".cache"));
+    const r = String(repo).trim();
+    if (!r || !r.startsWith("/")) return;
+    // Repo root and parent are always added (they're primary working dirs)
+    addPrimaryRoot(r);
+    const gitDir = resolve(r, ".git");
+    // Only add .git if it actually exists (prevents phantom writable roots)
+    if (existsSync(gitDir)) addRoot(gitDir);
+    const cacheWorktrees = resolve(r, ".cache", "worktrees");
+    // Only add .cache subdirs if they exist — avoid phantom roots
+    if (existsSync(cacheWorktrees)) addRoot(cacheWorktrees);
+    const cacheDir = resolve(r, ".cache");
+    if (existsSync(cacheDir)) addRoot(cacheDir);
     const parent = dirname(r);
-    if (parent && parent !== r) addRoot(parent);
+    if (parent && parent !== r) addPrimaryRoot(parent);
   };
 
   addRepoRootPaths(repoRoot);
@@ -451,11 +494,95 @@ function normalizeWritableRoots(input, { repoRoot, additionalRoots } = {}) {
   }
 
   // /tmp is needed for sandbox temp files, pip installs, etc.
-  addRoot("/tmp");
+  roots.add("/tmp");
 
   return Array.from(roots);
 }
 
+/**
+ * Validate that a directory has a valid .git ancestor (regular repo or worktree).
+ * In worktrees, .git is a file containing "gitdir: <path>" — follow the reference
+ * to find the actual git object store. Returns the resolved .git directory path
+ * or null if not found.
+ * @param {string} dir - Directory to check
+ * @returns {{ gitDir: string|null, mainWorktreeRoot: string|null, isWorktree: boolean }}
+ */
+export function ensureGitAncestor(dir) {
+  if (!dir) return { gitDir: null, mainWorktreeRoot: null, isWorktree: false };
+  let current = resolve(dir);
+  const { root } = parse(current);
+  while (current !== root) {
+    const gitPath = resolve(current, ".git");
+    if (existsSync(gitPath)) {
+      try {
+        const stat = statSync(gitPath);
+        if (stat.isDirectory()) {
+          // Regular git repo
+          return { gitDir: gitPath, mainWorktreeRoot: current, isWorktree: false };
+        }
+        if (stat.isFile()) {
+          // Worktree: .git is a file with "gitdir: <relative-or-absolute-path>"
+          const content = readFileSync(gitPath, "utf8").trim();
+          const match = content.match(/^gitdir:\s*(.+)$/);
+          if (match) {
+            const gitdirRef = resolve(current, match[1].trim());
+            // Worktree gitdir points to <main-repo>/.git/worktrees/<name>
+            // Walk up 2 levels to get the main .git directory
+            const mainGitDir = resolve(gitdirRef, "..", "..");
+            const mainRepoRoot = dirname(mainGitDir);
+            return {
+              gitDir: mainGitDir,
+              mainWorktreeRoot: mainRepoRoot,
+              isWorktree: true,
+            };
+          }
+        }
+      } catch { /* permission error, race, etc. */ }
+    }
+    current = dirname(current);
+  }
+  return { gitDir: null, mainWorktreeRoot: null, isWorktree: false };
+}
+
+/**
+ * Build writable roots for a specific task's execution context.
+ * Combines the global config roots with task-specific paths (worktree, repo root).
+ * @param {{ worktreePath?: string, repoRoot?: string, existingRoots?: string[] }} opts
+ * @returns {string[]} Merged writable roots
+ */
+export function buildTaskWritableRoots({ worktreePath, repoRoot, existingRoots = [] } = {}) {
+  const roots = new Set(existingRoots.filter(r => r && r.startsWith("/") && existsSync(r)));
+  const addIfExists = (p) => {
+    if (p && p.startsWith("/") && existsSync(p)) roots.add(p);
+  };
+  // Add path even if it doesn't exist yet (will be created by the task)
+  const addRoot = (p) => {
+    if (p && p.startsWith("/")) roots.add(p);
+  };
+
+  if (worktreePath) {
+    addRoot(worktreePath); // Worktree dir itself may be about to be created
+    // Worktrees have a .git file pointing to main repo — resolve the actual git dir
+    const ancestor = ensureGitAncestor(worktreePath);
+    if (ancestor.gitDir) addIfExists(ancestor.gitDir);
+    if (ancestor.mainWorktreeRoot) {
+      addIfExists(resolve(ancestor.mainWorktreeRoot, ".git"));
+      addIfExists(resolve(ancestor.mainWorktreeRoot, ".cache", "worktrees"));
+    }
+  }
+  if (repoRoot) {
+    addRoot(repoRoot);
+    const gitDir = resolve(repoRoot, ".git");
+    if (existsSync(gitDir)) addIfExists(gitDir);
+    addIfExists(resolve(repoRoot, ".cache", "worktrees"));
+    addIfExists(resolve(repoRoot, ".cache"));
+    const parent = dirname(repoRoot);
+    if (parent && parent !== repoRoot) addIfExists(parent);
+  }
+  roots.add("/tmp");
+  return Array.from(roots);
+}
+
 export function hasSandboxWorkspaceWrite(toml) {
   return /^\[sandbox_workspace_write\]/m.test(toml);
 }
@@ -470,7 +597,7 @@ export function ensureSandboxWorkspaceWrite(toml, options = {}) {
     excludeSlashTmp = false,
   } = options;
 
-  const desiredRoots = normalizeWritableRoots(writableRoots, { repoRoot, additionalRoots });
+  const desiredRoots = normalizeWritableRoots(writableRoots, { repoRoot, additionalRoots, validateExistence: true });
   if (!hasSandboxWorkspaceWrite(toml)) {
     if (desiredRoots.length === 0) {
       return { toml, changed: false, added: false, rootsAdded: [] };
@@ -522,13 +649,18 @@ export function ensureSandboxWorkspaceWrite(toml, options = {}) {
   const match = section.match(rootsRegex);
   if (match) {
     const existingRoots = parseTomlArrayLiteral(match[1]);
-    const merged = normalizeWritableRoots(existingRoots, { repoRoot });
+    // Filter out stale roots that no longer exist on disk
+    const validExisting = existingRoots.filter((r) => r === "/tmp" || existsSync(r));
+    const merged = normalizeWritableRoots(validExisting, { repoRoot, validateExistence: true });
     for (const root of desiredRoots) {
       if (!merged.includes(root)) {
         merged.push(root);
         rootsAdded.push(root);
       }
     }
+    // Track any roots that were removed due to non-existence
+    const staleRemoved = existingRoots.filter((r) => r !== "/tmp" && !existsSync(r));
+    if (staleRemoved.length > 0) changed = true;
     const formatted = formatTomlArray(merged);
     if (formatted !== match[1]) {
       section = section.replace(rootsRegex, `writable_roots = ${formatted}`);
@@ -555,6 +687,39 @@ export function ensureSandboxWorkspaceWrite(toml, options = {}) {
   };
 }
 
+/**
+ * Prune writable_roots in [sandbox_workspace_write] that no longer exist on disk.
+ * Returns the updated TOML and a list of removed paths.
+ * @param {string} toml
+ * @returns {{ toml: string, changed: boolean, removed: string[] }}
+ */
+export function pruneStaleSandboxRoots(toml) {
+  if (!hasSandboxWorkspaceWrite(toml)) {
+    return { toml, changed: false, removed: [] };
+  }
+  const header = "[sandbox_workspace_write]";
+  const headerIdx = toml.indexOf(header);
+  if (headerIdx === -1) return { toml, changed: false, removed: [] };
+  const afterHeader = headerIdx + header.length;
+  const nextSection = toml.indexOf("\n[", afterHeader);
+  const sectionEnd = nextSection === -1 ? toml.length : nextSection;
+  let section = toml.substring(afterHeader, sectionEnd);
+
+  const rootsRegex = /^writable_roots\s*=\s*(\[[^\]]*\])\s*$/m;
+  const match = section.match(rootsRegex);
+  if (!match) return { toml, changed: false, removed: [] };
+
+  const existing = parseTomlArrayLiteral(match[1]);
+  const valid = existing.filter((r) => r === "/tmp" || existsSync(r));
+  const removed = existing.filter((r) => r !== "/tmp" && !existsSync(r));
+  if (removed.length === 0) return { toml, changed: false, removed: [] };
+
+  section = section.replace(rootsRegex, `writable_roots = ${formatTomlArray(valid)}`);
+  const updatedToml =
+    toml.substring(0, afterHeader) + section + toml.substring(sectionEnd);
+  return { toml: updatedToml, changed: true, removed };
+}
+
 /**
  * Build the [shell_environment_policy] section.
  * Default: inherit = "all" so .NET, Go, Node etc. env vars are visible.
@@ -723,9 +888,12 @@ export function hasAgentSdkConfig(toml) {
 
 /**
  * Build the default agent SDK block.
+ * @param {object}  [opts]
+ * @param {string}  [opts.primary="codex"]  Primary SDK: "codex", "copilot", or "claude"
+ * @returns {string}
  */
-export function buildAgentSdkBlock() {
-  return DEFAULT_AGENT_SDK_BLOCK;
+export function buildAgentSdkBlock({ primary = "codex" } = {}) {
+  return buildDefaultAgentSdkBlock(primary);
 }
 
 /**
@@ -967,12 +1135,14 @@ export function ensureRetrySettings(toml, providerName) {
  * @param {boolean} [opts.skipVk]
  * @param {boolean} [opts.dryRun]  If true, returns result without writing
  * @param {object}  [opts.env]     Environment overrides (defaults to process.env)
+ * @param {string}  [opts.primarySdk]  Primary agent SDK: "codex", "copilot", or "claude"
  */
 export function ensureCodexConfig({
   vkBaseUrl = "http://127.0.0.1:54089",
   skipVk = false,
   dryRun = false,
   env = process.env,
+  primarySdk,
 } = {}) {
   const result = {
     path: CONFIG_PATH,
@@ -988,6 +1158,7 @@ export function ensureCodexConfig({
     sandboxWorkspaceAdded: false,
     sandboxWorkspaceUpdated: false,
     sandboxWorkspaceRootsAdded: [],
+    sandboxStaleRootsRemoved: [],
     shellEnvAdded: false,
     commonMcpAdded: false,
     profileProvidersAdded: [],
@@ -1068,8 +1239,21 @@ export function ensureCodexConfig({
 
   // ── 1b. Ensure agent SDK selection block ──────────────────
 
+  // Resolve which SDK should be primary:
+  //   1. Explicit primarySdk parameter
+  //   2. PRIMARY_AGENT env var (e.g. "copilot-sdk" → "copilot")
+  //   3. Default: "codex"
+  const resolvedPrimary = (() => {
+    if (primarySdk && ["codex", "copilot", "claude"].includes(primarySdk)) {
+      return primarySdk;
+    }
+    const envPrimary = (env.PRIMARY_AGENT || "").trim().toLowerCase().replace(/-sdk$/, "");
+    if (["codex", "copilot", "claude"].includes(envPrimary)) return envPrimary;
+    return "codex";
+  })();
+
   if (!hasAgentSdkConfig(toml)) {
-    toml += buildAgentSdkBlock();
+    toml += buildAgentSdkBlock({ primary: resolvedPrimary });
     result.agentSdkAdded = true;
   }
 
@@ -1114,7 +1298,7 @@ export function ensureCodexConfig({
   // ── 1f. Ensure sandbox workspace-write defaults ───────────
 
   {
-    // Determine primary repo root and any workspace roots
+    // Determine primary repo root — prefer workspace agent root
     const primaryRepoRoot = env.BOSUN_AGENT_REPO_ROOT || env.REPO_ROOT || "";
     const additionalRoots = [];
     // If agent repo root differs from REPO_ROOT, include both
@@ -1122,6 +1306,27 @@ export function ensureCodexConfig({
         env.BOSUN_AGENT_REPO_ROOT !== env.REPO_ROOT) {
       additionalRoots.push(env.REPO_ROOT);
     }
+    // Enumerate ALL workspace repo paths so every repo's .git/.cache is writable
+    try {
+      // Inline workspace config read (sync) — avoids async import in sync function
+      const configDirGuess = env.BOSUN_DIR || resolve(homedir(), "bosun");
+      const bosunConfigPath = resolve(configDirGuess, "bosun.config.json");
+      if (existsSync(bosunConfigPath)) {
+        const bosunCfg = JSON.parse(readFileSync(bosunConfigPath, "utf8"));
+        const wsDir = resolve(configDirGuess, "workspaces");
+        const allWs = Array.isArray(bosunCfg.workspaces) ? bosunCfg.workspaces : [];
+        for (const ws of allWs) {
+          const wsPath = resolve(wsDir, ws.id || ws.name || "");
+          for (const repo of ws.repos || []) {
+            const repoPath = resolve(wsPath, repo.name);
+            if (repoPath && !additionalRoots.includes(repoPath) &&
+                repoPath !== primaryRepoRoot) {
+              additionalRoots.push(repoPath);
+            }
+          }
+        }
+      }
+    } catch { /* workspace config read failed — skip */ }
     const ensured = ensureSandboxWorkspaceWrite(toml, {
       writableRoots: env.CODEX_SANDBOX_WRITABLE_ROOTS || "",
       repoRoot: primaryRepoRoot,
@@ -1133,6 +1338,14 @@ export function ensureCodexConfig({
       result.sandboxWorkspaceUpdated = !ensured.added;
       result.sandboxWorkspaceRootsAdded = ensured.rootsAdded || [];
     }
+
+    // Prune any writable_roots that no longer exist on disk
+    const pruned = pruneStaleSandboxRoots(toml);
+    if (pruned.changed) {
+      toml = pruned.toml;
+      result.sandboxWorkspaceUpdated = true;
+      result.sandboxStaleRootsRemoved = pruned.removed;
+    }
   }
 
   // ── 1g. Ensure shell environment policy ───────────────────
@@ -1300,6 +1513,15 @@ export function printConfigSummary(result, log = console.log) {
     );
   }
 
+  if (result.sandboxStaleRootsRemoved && result.sandboxStaleRootsRemoved.length > 0) {
+    log(
+      `  🗑️  Pruned ${result.sandboxStaleRootsRemoved.length} stale writable root(s) that no longer exist`,
+    );
+    for (const r of result.sandboxStaleRootsRemoved) {
+      log(`     - ${r}`);
+    }
+  }
+
   if (result.shellEnvAdded) {
     log("  ✅ Added shell environment policy (inherit=all)");
   }

package/codex-shell.mjs

@@ -222,7 +222,7 @@ const THREAD_OPTIONS = {
   skipGitRepoCheck: true,
   webSearchMode: "live",
   approvalPolicy: "never",
-  // Note: sub-agent features (child_agents_md, collab, memory_tool, etc.)
+  // Note: sub-agent features (child_agents_md, multi_agent, memory_tool, etc.)
   // are configured via ~/.codex/config.toml [features] section, not SDK ThreadOptions.
   // codex-config.mjs ensureFeatureFlags() handles this during setup.
 };
@@ -247,7 +247,7 @@ async function getThread() {
       config: {
         features: {
           child_agents_md: true,
-          collab: true,
+          multi_agent: true,
           memory_tool: true,
           undo: true,
           steer: true,
@@ -746,7 +746,7 @@ export async function initCodexShell() {
       config: {
         features: {
           child_agents_md: true,
-          collab: true,
+          multi_agent: true,
           memory_tool: true,
           undo: true,
           steer: true,